How HACKERS Send Malware | DNS Spoofing

  • Published 12 Jan 2025

COMMENTS •

  • @Cyb3rMaddy
    @Cyb3rMaddy 1 month ago +9

    To try everything Brilliant has to offer, free, for a full 30 days, visit brilliant.org/Cyb3rMaddy/. You’ll also get 20% off an annual premium subscription.
    This video was sponsored by Brilliant

  • @nulldnb
    @nulldnb 1 month ago +37

    Best way for me to learn is standing over someone's shoulder watching them do and explain what they are doing. This is the first time I've seen Wireshark in action and thank you so much for how you teach this.
    This is also the first time I've looked at Wireshark and didn't feel like I was reading gibberish. Subscribed.

    • @Cyb3rMaddy
      @Cyb3rMaddy 1 month ago +7

      So glad to hear!! This feedback means a lot. Thank you!!

    • @aty4282
      @aty4282 1 month ago +1

      Same here. Thanks 🗿

    • @RunsOnRust
      @RunsOnRust 1 month ago +1

      @nulldnb Respectfully... This isn't really using Wireshark. Prebuilt filters should be in place. Then once on the trail of something an individual should follow the session conversation. She dipped from DNS to HTTP without looking at any other traffic while allowing all src and dst traffic. Also conveniently doesn't mention how the majority of DNS and HTTP traffic is secured. A competent professional in the industry is going to force their browser/computer to use a static DNS of their choice, and force both DNS and HTTP to be encrypted. You would be able to see the IP's... but you are not going to see the query, you are not going to see responses, you are not going to see get requests.
      Laura has been doing this for decades. If you want real world knowledge and applications she delivers information. If you want distractions she is not it. No such thing as a free education.
      www.youtube.com/@LauraChappellLab/videos

    • @JanSoltan-wj1hs
      @JanSoltan-wj1hs 26 days ago

      @RunsOnRust Yes, she will most certainly not be a distraction

  • @mytechnotalent
    @mytechnotalent 1 month ago +4

    Great one Maddy! Love the Wireshark breakdown as it is interesting how they were able to get their DNS in before the Google DNS.

  • @KurtVanBever
    @KurtVanBever 1 month ago +74

    So... if I'm gonna have an affair, I'd better use protection?

    • @Zeroduckies
      @Zeroduckies 1 month ago +4

      You gonna get PWND

    • @th1nk.OUTLOUD
      @th1nk.OUTLOUD 1 month ago +1

      @Zeroduckies 😂

    • @th1nk.OUTLOUD
      @th1nk.OUTLOUD 1 month ago +1

      😂

    • @DonCuan491
      @DonCuan491 1 month ago +1

      use Latex not condom 😂😂

    • @JanSoltan-wj1hs
      @JanSoltan-wj1hs 26 days ago +2

      Yes, It's highly recommended to encrypt your private members (preferably with a strong password), especially when having an affair. Also remember not to choose a weak algorithm for the encryption, as that will make your protection prone to breaking and/or tearing during intense activities.

  • @Blob-qo5iq
    @Blob-qo5iq 1 month ago +13

    i can already hear all the smartys shouting "ThEn UsE DnS oVeR HTTPS!!11"

  • @natanaelviana580
    @natanaelviana580 23 days ago +4

    It was funny to find a folder named 'affair.' You'll laugh even harder when you hear that here in Brazil, there was almost a coup d'état, and the police found a folder called 'coup draft' on a former minister's computer, so obvious 😂😂😂😂

  • @tqclergy6436
    @tqclergy6436 1 month ago +2

    Keep up the great work Maddy. Thanks for sharing your knowledge.

  • @seanvalentinus
    @seanvalentinus 1 month ago +11

    Man, pulling that kind of shit is *typical* Pete Gallaway.

  • @l30sosa
    @l30sosa 13 days ago

    This was funny and educational! Great combo. I immediately changed my folder titles after seeing this, blatantly suss stuff.

  • @olegbetsun2075
    @olegbetsun2075 1 month ago +1

    Oh, great, my favorite cybersecurity blogger!

  • @safetime100
    @safetime100 1 month ago

    Nice ❤ More incident analysis for other scenarios please

  • @RunsOnRust
    @RunsOnRust 1 month ago

    6:39 That 172.16 address is the attacker, correct? The get request is sourced from the attacker... they would be downloading their own compromised file. Which leads me to the point the victim has to initiate a get request for the file. This DNS spoof/poison will not work unless the served page entices the victim to initiate the get request.
    Unless I'm missing something this has the Reddit circle jerk stench. Yeah bruh I just busted my boss at this MASSIVE convention in real time bruh.

  • @mrd6869
    @mrd6869 23 days ago

    7:07
    Crazy question.
    Why are they noticing the IP address-operating system discrepancies AFTER the attack?
    Shouldn't internal IDS software filters have picked up that beforehand?
    This is why AI systems are going to be integrated more heavily into cybersecurity
    for preventative actions.

  • @KSneed9
    @KSneed9 47 minutes ago

    would like to see this from attacker pov and how they execute it

  • @REDCULT-is-Live
    @REDCULT-is-Live 1 month ago +3

    These kinds of scripts I wrote 5 years ago. Idk why people cry FED FED FED over this person with these script kiddie skills.

    • @mczen84
      @mczen84 1 month ago +1

      So you skipped the scriptkid phase huh?

    • @REDCULT-is-Live
      @REDCULT-is-Live 1 month ago

      @mczen84 I've been researching in infosec before you were even born kid.

    • @JamesHalloway_24
      @JamesHalloway_24 24 days ago +1

      @mczen84 bro is too good for us.

  • @markusaraknus9296
    @markusaraknus9296 1 month ago +1

    amazing channel, glad we've found it

  • @costathoughts
    @costathoughts 7 days ago

    In that case the man in the middle would only work if the connection is without HTTPS, am I right? I am a software developer, it might be a skill issue on my side

  • @thatcyberlad
    @thatcyberlad 1 month ago +2

    Wow she is getting sponsors now yayy!!

  • @christianvillela1734
    @christianvillela1734 1 month ago +3

    Solution: Pi-hole and Unbound.

  • @TheLizardNerd
    @TheLizardNerd 1 month ago +1

    I didn't get one fact, how did attacker inject the DNS server? Is it possible to register the same domain with two different IP addresses?

    • @mxxr_d8964
      @mxxr_d8964 1 month ago

      Yeah. In fact, it's very common. It assures redundancy.

  • @AnonRonin
    @AnonRonin 1 month ago

    what about bypassing ssl on android devices ssl pinning is in place do we need to bypass sslpinning to be able to capture the download from play store in mitmproxy I have a script that can merge the payload with the original apk :( that's where I am at 😢

  • @anshumishra9368
    @anshumishra9368 1 month ago

    I fall in love with this channel 💕💕

  • @infiniteone-ew2ly
    @infiniteone-ew2ly 1 month ago

    well if someone clicks 15 warning popups away telling them the site uses a wrong certificate

  • @AssetH8ut2
    @AssetH8ut2 13 days ago

    Love to see a video of under the hood of alphafold

  • @afesiadib9414
    @afesiadib9414 20 days ago

    Doesn't burpsuite do this too?

  • @mohamedwaellabidi1850
    @mohamedwaellabidi1850 6 days ago +1

    Good tutorial❤❤

  • @irfanhameed5613
    @irfanhameed5613 26 days ago

    First time I watched your video. You have a unique style in the way you teach and talk, keep doing it. I have a doubt: once we are redirected to the attacker's fake website then it's over, right? Do all GET and POST requests happen automatically, or are we the ones making them? Let's say the GET request's zip contains malware and the POST request contains the boss's flight ticket. So the goal of the attack is getting the boss's ticket, right?

  • @dmknght8946
    @dmknght8946 1 month ago +1

    ASMR cyber sec content right here. Keep it up Mrs.

  • @comosaycomosah
    @comosaycomosah 1 month ago

    lol are you from New Jersey? sorta sounds like it around 3:46 or so

  • @noredine
    @noredine 1 month ago +1

    "Smile. You're on camera"
    What camera? 👀

  • @randomytvideos9523
    @randomytvideos9523 1 month ago

    Also can you let me know where you downloaded this PCAP file from ? Is this like a lab activity or something?

  • @gashawdesalegn9071
    @gashawdesalegn9071 1 month ago

    subscribed from Ethiopia!!!!

  • @Aplifiedproductions
    @Aplifiedproductions 1 month ago

    Another tech youtuber??? Sign me up! Yes, I've learned DNS is a scary tool when you're not watching it

  • @randomytvideos9523
    @randomytvideos9523 1 month ago

    Thanks for the informative video Fam, 🎉

  • @DigitalPhreak765
    @DigitalPhreak765 1 month ago +1

    Thanks for the informative videos 😀😀

  • @Spiritwithnosoul
    @Spiritwithnosoul 1 month ago

    can you make a video about how to start hacker journey or bounty bug really need a guide for it .

  • @yrds96
    @yrds96 1 month ago +1

    Did you guys realize, it's ALWAYS DNS?

  • @mateusnanet
    @mateusnanet 1 month ago

    Great food on that region, including Bells and spices.

  • @ceemihail
    @ceemihail 25 days ago

    You're having an affair? Those packets will get you. Can't hide!!

  • @whosgoingtocarrytheboatsan967
    @whosgoingtocarrytheboatsan967 1 month ago

    Brilliant analysis 😊

  • @thatcyberlad
    @thatcyberlad 1 month ago

    can you please teach us how to send malware just for educational purposes?

  • @thetechfirm
    @thetechfirm 1 month ago

    nice job explaining the trace..

  • @juancruzbarneix6438
    @juancruzbarneix6438 1 month ago

    so, using a VPN is also a good security measure here, right?

    • @AlmightyMek
      @AlmightyMek 1 month ago

      A public VPN provider, (assuming) doesn’t protect you from downloading malware.
      You should usually not ignore certificate warnings for public websites

    • @RunsOnRust
      @RunsOnRust 1 month ago

      @AlmightyMek VPN would in fact work. To capture the packets the adversary has to be on the same networks. VPN is not the same network. To spoof/poison DNS in this fashion you have to be on the same network... VPN is not the same network.

  • @GhostStrats
    @GhostStrats 1 month ago

    Awesome video!

  • @0x25
    @0x25 1 month ago

    It seems your video quit at about 1:42, maybe it's my client

  • @JohnV-e6g
    @JohnV-e6g 1 month ago

    So he didn't even get to Ninja

  • @sirjohn6299
    @sirjohn6299 21 days ago

    I LOVE YOUR KIRBY

  • @noemanfredonia8646
    @noemanfredonia8646 19 days ago +1

    This shit is Comedy haha! Hellyeahh! Merry Christmas World (:

  • @alphaeligon9226
    @alphaeligon9226 1 month ago

    😮😮😮😮😮...amazing tutorial! New subscriber to the YT channel, hope 2 see more content!

  • @behi667
    @behi667 1 month ago

    As a non-native speaker I got stunlocked at 3:25 mins in. What's incorrect about the grammar? Is it supposed to be like "Recently, your boss..."? PLEASE HELP ME! :D

    • @RealHypeFox
      @RealHypeFox 1 month ago

      You're correct! It should say "recently" instead of "lately".

  • @gabe-g4j
    @gabe-g4j 1 month ago

    OK, it's a challenge, so a test, but there's one thing I don't understand: how did you figure out that the other one is the real IP?

  • @SupCortez
    @SupCortez 1 month ago

    You got a haircut! Nice

  • @rendiardanek4890
    @rendiardanek4890 1 month ago

    Beauty as always 🎉

  • @BlueDolphinBlues
    @BlueDolphinBlues 1 month ago

    Is that request http or https? 7:30

  • @pranjalsharma5611
    @pranjalsharma5611 1 month ago

    You are very intelligent 🙇🏻

  • @thuslymars
    @thuslymars 1 month ago

    3:52 Pete Galloway based

  • @biosapper
    @biosapper 8 days ago

    Where are the PsyOp comments?

  • @Ahmedoooba2
    @Ahmedoooba2 1 month ago

    best explanation ever ❤

  • @ElvisD-t6v
    @ElvisD-t6v 1 month ago

    Great work.

  • @Canoo49
    @Canoo49 1 month ago

    HOT BABE!

  • @WTF-Producciones
    @WTF-Producciones 1 month ago

    beautiful blue team 💙

  • @AssetH8ut2
    @AssetH8ut2 13 days ago

    Though I have some ideas

  • @ronen1n91
    @ronen1n91 1 month ago

    Don't use Mac. Got it thanks 👍

  • @Mbro-dq2do
    @Mbro-dq2do 1 month ago

    Great video. Thanks girl. Cool to see more girls in the game. We men have f--ked enough shit up

  • @sabuein
    @sabuein 1 month ago

    Thank you.

  • @nuclearducks7387
    @nuclearducks7387 1 month ago

    So a malware tutorial

  • @denriazanets9247
    @denriazanets9247 1 month ago

    What you need is a boyfriend, not all this stuff 😂

  • @l77ee
    @l77ee 1 month ago +1

    the best

  • @polnareff7797
    @polnareff7797 1 month ago

    Man, you nailed it

  • @DUSPIARON
    @DUSPIARON 23 days ago

    Dns ....diaxxas😢😢❤😆😆😆❤

  • @مولودهارون-ض6ح
    @مولودهارون-ض6ح 16 days ago

    OK 👍

  • @eseokpongete8468
    @eseokpongete8468 1 month ago

    This is cool.

  • @Байкальскиймедведь

    ❤ What a pretty girl!!!👍👍👍💯🥰💐💐💐💐💐💐💐💐💐💐💐💐💐

  • @oreidoshackers
    @oreidoshackers 1 month ago

    you are a cat

  • @supermold
    @supermold 1 month ago +1

    wow, so much criminal, so much hacker

  • @QuadDerrick
    @QuadDerrick 1 month ago +2

    You make it sound like a simple race condition between any hacker and the DNS, that it is trivial to win it. You pull a pcap file from some competition, very neatly prepared data, not showcasing at all how difficult it is to set up a spoofing attack against anyone that does not sit in your lab. All to sell your ad... Boo.

    • @JanSoltan-wj1hs
      @JanSoltan-wj1hs 26 days ago

      Yeah sure bro, but this is more like a showcase/introduction for the less experienced, I think

    • @QuadDerrick
      @QuadDerrick 26 days ago

      @JanSoltan-wj1hs opinions are still allowed to have to some degree, unless we talking about jews. but i still think its an ad.

  • @chochkataottrakia290
    @chochkataottrakia290 1 month ago +1

    Maddy with some lipstick turns into a baddie

  • @Muslih_1988
    @Muslih_1988 1 month ago

    Maddy you are so beautiful ❤❤❤❤❤❤

    • @JanSoltan-wj1hs
      @JanSoltan-wj1hs 26 days ago

      I thought hopeless simping was haram or some shi
      Or a sin, whatever

  • @tametov
    @tametov 1 month ago

    Cool!

  • @Bla_ck_LA_Goon
    @Bla_ck_LA_Goon 1 month ago

    This woman turned on the PC herself yet.

  • @supermold
    @supermold 1 month ago

    don't have an affair is the easier option lol

  • @zhisongcui8254
    @zhisongcui8254 16 days ago

    She's so gorgeous🤫

  • @gleitonfranco1260
    @gleitonfranco1260 1 month ago

    😱🧑‍💻🦈🌎‼

  • @dariokartal9453
    @dariokartal9453 1 month ago

    She kinda talks like Mitch Hedberg.

    • @RealHypeFox
      @RealHypeFox 1 month ago +1

      I used to like OpSec. I still do. But, I used to too

    • @dcrash_
      @dcrash_ 1 month ago

      lol

    • @Daijyobanai
      @Daijyobanai 1 month ago +1

      She used to talk like Mitch, she still does but she used to too.

  • @TELL_ME_WHY_NOT
    @TELL_ME_WHY_NOT 1 month ago

    hack

  • @niewazneniewazne1890
    @niewazneniewazne1890 1 month ago

    thank you maddy, but we know what DNS Spoofing is, this is only because the middle school's IT program is so boring it shouldn't be a re-do of elementary school IT curriculum where you learn office for the 20th time

  • @SomeOne-mw8zl
    @SomeOne-mw8zl 1 month ago +1

    u single? :''D

    • @MrArkaneMage
      @MrArkaneMage 1 month ago

      Probably, but better not get your hopes up ^^
      If it motivates you to learn, OK, but the chance that she even notices you because of a comment like that is close to 0, and if she does, then only as a simp - women on the internet are used to a lot; building real contact that way, especially abroad... rather unlikely, sorry to tell you this bro :(
      As my father so nicely put it... other mothers have beautiful daughters too :)
      Most of them may not be intelligent, but they exist here too; just don't give up hope, and put your energy into something "real"! :)

    • @SomeOne-mw8zl
      @SomeOne-mw8zl 1 month ago

      @MrArkaneMage so giving compliments is a bad thing, sad world you live in. I feel sorry for you D:

    • @MrArkaneMage
      @MrArkaneMage 1 month ago

      @SomeOne-mw8zl then I guess I misunderstood your comment; to me it doesn't look like a compliment but like sucking up :D

    • @sadasow2670
      @sadasow2670 1 month ago

      Damn Germans smh

    • @MrArkaneMage
      @MrArkaneMage 1 month ago

      @sadasow2670 that's wacist

  • @BenedictGS
    @BenedictGS 1 month ago +1

    I restrain myself from clicking the video, knowing the channel beforehand and how distracted I could be by impeccable gorgeous physical beauty, which makes me disregard the cybersecurity knowledge and skill brought upon in the video. Which is unwise of me. Forgive me.

  • @CreativeWerxGFX
    @CreativeWerxGFX 26 days ago

    mm, hot network nerd. the apex of digital age.

  • @svporqueno
    @svporqueno 1 month ago +1

    Gorgeousness

  • @Mywifeleftme3
    @Mywifeleftme3 4 days ago

    My wife left me

  • @FazaFaezatulRizki
    @FazaFaezatulRizki 24 days ago

    @faza google chrome 😮😮❤